Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/Q9NHFxNakUf-aGbJZEvkcPN-t7o.roa
File: Q9NHFxNakUf-aGbJZEvkcPN-t7o.roa (raw, json)
Hash identifier: pdLMdPcQXUq+yRvckD8bMqEDezomGKT/PE2mlVBRIO8=
Subject key identifier: 43:D3:47:17:13:5A:91:47:FE:68:66:C9:64:4B:E4:70:F3:7E:B7:BA
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 018FCCE9D65203FDC593F6D9692613D6FDB9
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/Q9NHFxNakUf-aGbJZEvkcPN-t7o.roa
Signing time: Fri 31 May 2024 04:30:27 +0000
ROA not before: Fri 31 May 2024 04:30:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31363
IP address blocks: 80.90.250.0/24 maxlen: 24
86.62.75.0/24 maxlen: 24
86.62.79.0/24 maxlen: 24
86.62.84.0/24 maxlen: 24
86.62.92.0/24 maxlen: 24
86.62.94.0/24 maxlen: 24
86.62.96.0/24 maxlen: 24
86.62.98.0/24 maxlen: 24
86.62.99.0/24 maxlen: 24
86.62.102.0/24 maxlen: 24
86.62.103.0/24 maxlen: 24
86.62.110.0/24 maxlen: 24
86.62.112.0/24 maxlen: 24
86.62.113.0/24 maxlen: 24
86.62.114.0/24 maxlen: 24
86.62.115.0/24 maxlen: 24
86.62.116.0/24 maxlen: 24
86.62.117.0/24 maxlen: 24
86.62.118.0/24 maxlen: 24
86.62.119.0/24 maxlen: 24
86.62.125.0/24 maxlen: 24
195.54.207.0/24 maxlen: 24
195.54.209.0/24 maxlen: 24
195.54.210.0/24 maxlen: 24
195.54.211.0/24 maxlen: 24
195.91.133.0/24 maxlen: 24
195.91.138.0/24 maxlen: 24
195.91.144.0/24 maxlen: 24
195.91.145.0/24 maxlen: 24
195.91.146.0/24 maxlen: 24
195.91.147.0/24 maxlen: 24
195.91.148.0/24 maxlen: 24
195.91.149.0/24 maxlen: 24
195.91.150.0/24 maxlen: 24
195.91.151.0/24 maxlen: 24
195.91.153.0/24 maxlen: 24
195.91.156.0/24 maxlen: 24
195.91.160.0/24 maxlen: 24
195.91.165.0/24 maxlen: 24
195.91.166.0/24 maxlen: 24
195.91.168.0/24 maxlen: 24
195.91.169.0/24 maxlen: 24
195.91.170.0/24 maxlen: 24
195.91.171.0/24 maxlen: 24
195.91.172.0/24 maxlen: 24
195.91.173.0/24 maxlen: 24
195.91.174.0/24 maxlen: 24
195.91.175.0/24 maxlen: 24
195.91.178.0/24 maxlen: 24
195.91.179.0/24 maxlen: 24
195.91.180.0/24 maxlen: 24
195.91.181.0/24 maxlen: 24
195.91.182.0/24 maxlen: 24
195.91.184.0/24 maxlen: 24
195.91.187.0/24 maxlen: 24
195.91.188.0/24 maxlen: 24
195.91.191.0/24 maxlen: 24
195.91.192.0/24 maxlen: 24
195.91.195.0/24 maxlen: 24
195.91.196.0/24 maxlen: 24
195.91.197.0/24 maxlen: 24
195.91.204.0/24 maxlen: 24
195.91.207.0/24 maxlen: 24
195.91.208.0/24 maxlen: 24
195.91.209.0/24 maxlen: 24
195.91.210.0/24 maxlen: 24
195.91.211.0/24 maxlen: 24
195.91.213.0/24 maxlen: 24
195.91.215.0/24 maxlen: 24
195.91.217.0/24 maxlen: 24
195.91.218.0/24 maxlen: 24
195.91.219.0/24 maxlen: 24
195.91.220.0/24 maxlen: 24
195.91.221.0/24 maxlen: 24
195.91.222.0/24 maxlen: 24
195.91.223.0/24 maxlen: 24
195.91.224.0/24 maxlen: 24
195.91.225.0/24 maxlen: 24
195.91.226.0/24 maxlen: 24
195.91.227.0/24 maxlen: 24
195.91.228.0/24 maxlen: 24
195.91.229.0/24 maxlen: 24
195.91.230.0/24 maxlen: 24
195.91.231.0/24 maxlen: 24
195.91.232.0/24 maxlen: 24
195.91.233.0/24 maxlen: 24
195.91.234.0/24 maxlen: 24
195.91.235.0/24 maxlen: 24
195.91.236.0/24 maxlen: 24
195.91.237.0/24 maxlen: 24
195.91.238.0/24 maxlen: 24
195.91.239.0/24 maxlen: 24
195.91.240.0/24 maxlen: 24
195.91.241.0/24 maxlen: 24
195.91.242.0/24 maxlen: 24
195.91.243.0/24 maxlen: 24
195.91.244.0/24 maxlen: 24
195.91.245.0/24 maxlen: 24
195.91.246.0/24 maxlen: 24
195.91.247.0/24 maxlen: 24
195.91.252.0/24 maxlen: 24
195.91.254.0/24 maxlen: 24
195.91.255.0/24 maxlen: 24
2a02:2698:9800::/38 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.mft
rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:cc:e9:d6:52:03:fd:c5:93:f6:d9:69:26:13:d6:fd:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: May 31 04:30:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=43d34717135a9147fe6866c9644be470f37eb7ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:45:ab:61:d3:57:52:10:82:2d:2d:de:c8:25:
f0:7c:95:c7:69:99:5b:0c:53:36:67:76:ac:2a:43:
41:26:d3:9b:a2:4f:9b:81:a4:1d:8e:16:a8:4b:f5:
ec:a2:8c:f3:15:a2:2f:fc:c9:e6:ed:4e:89:aa:90:
c2:f8:4d:81:67:cd:6e:88:08:ba:26:b8:a4:b5:73:
57:2c:a4:58:6a:c4:01:0d:fd:4b:71:85:b0:42:fc:
bd:1a:b1:48:51:f0:15:b2:43:fe:0e:3f:80:7f:d9:
1c:59:71:0e:fc:32:92:1d:33:70:0a:06:3e:6b:48:
c6:a6:1f:45:b3:d3:03:5b:15:7c:c6:77:05:8c:54:
a7:fe:e1:1a:fe:3e:ab:6f:53:1e:76:7a:53:25:da:
57:1e:78:b0:ac:e8:01:d7:ff:6f:dd:d2:8a:77:e4:
0a:ff:9b:03:62:ae:e1:47:c4:ad:81:66:28:6c:c9:
82:69:d8:7e:ae:9f:70:e0:a7:67:73:b9:70:4c:f3:
95:0b:f1:6d:cc:16:68:1c:65:ba:e8:a0:f9:91:0e:
1e:83:dd:cd:d4:aa:2d:c4:98:59:15:8e:b1:c6:1e:
15:a8:bc:ed:94:88:42:ed:eb:75:2f:29:d1:fe:c9:
8d:9f:7d:47:b6:34:67:7e:63:c6:51:85:8a:07:bc:
24:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:D3:47:17:13:5A:91:47:FE:68:66:C9:64:4B:E4:70:F3:7E:B7:BA
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/Q9NHFxNakUf-aGbJZEvkcPN-t7o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.90.250.0/24
86.62.75.0/24
86.62.79.0/24
86.62.84.0/24
86.62.92.0/24
86.62.94.0/24
86.62.96.0/24
86.62.98.0/23
86.62.102.0/23
86.62.110.0/24
86.62.112.0/21
86.62.125.0/24
195.54.207.0/24
195.54.209.0-195.54.211.255
195.91.133.0/24
195.91.138.0/24
195.91.144.0/21
195.91.153.0/24
195.91.156.0/24
195.91.160.0/24
195.91.165.0-195.91.166.255
195.91.168.0/21
195.91.178.0-195.91.182.255
195.91.184.0/24
195.91.187.0-195.91.188.255
195.91.191.0-195.91.192.255
195.91.195.0-195.91.197.255
195.91.204.0/24
195.91.207.0-195.91.211.255
195.91.213.0/24
195.91.215.0/24
195.91.217.0-195.91.247.255
195.91.252.0/24
195.91.254.0/23
IPv6:
2a02:2698:9800::/38
Signature Algorithm: sha256WithRSAEncryption
49:9d:88:12:d3:52:10:8b:85:24:ce:49:1b:e3:cb:b8:39:49:
c4:6c:48:62:92:ae:2b:63:f3:8d:19:97:52:29:b3:e2:01:fe:
ff:ab:bb:23:eb:a0:10:3d:43:a1:08:66:6c:a6:87:9a:59:01:
65:8a:4c:c3:73:c5:e0:56:e3:f7:cf:a9:2f:74:1e:e2:36:c9:
c7:5b:92:bd:a1:04:5d:f2:8e:6b:57:e8:71:fd:f7:c9:14:d3:
79:f6:bf:75:01:94:07:3a:e5:9b:be:77:b6:b4:fc:f4:f8:ea:
60:36:3b:49:ea:da:4e:d0:61:e8:16:e2:f5:da:59:c3:9d:95:
14:c1:3b:c2:90:1b:a9:4d:33:b8:2d:46:41:7e:92:3d:64:0f:
70:15:22:29:ab:d0:66:34:01:15:fb:15:4f:7a:e4:58:3c:35:
09:33:89:36:47:5e:8e:b0:ef:1b:07:9e:e8:af:3e:15:cd:5b:
c8:2d:ce:1d:38:67:6a:e3:93:5d:37:d0:a0:dd:c9:7a:dd:99:
96:38:ad:cd:cb:73:4f:93:6b:b8:7e:ff:ef:a0:f9:1c:c7:e5:
70:a6:52:bd:bc:2e:4b:33:d0:04:0e:70:dc:43:eb:90:39:75:
0f:54:03:32:b6:8d:26:22:7f:5a:8e:52:38:38:86:a6:bf:1b:
2a:94:6c:b3
-----BEGIN CERTIFICATE-----
MIIGHTCCBQWgAwIBAgISAY/M6dZSA/3Fk/bZaSYT1v25MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjQwNTMxMDQzMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2QzNDcxNzEzNWE5MTQ3ZmU2ODY2Yzk2NDRiZTQ3MGYzN2ViN2JhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlEWrYdNXUhCCLS3eyCXwfJXHaZlb
DFM2Z3asKkNBJtObok+bgaQdjhaoS/XsoozzFaIv/Mnm7U6JqpDC+E2BZ81uiAi6
JriktXNXLKRYasQBDf1LcYWwQvy9GrFIUfAVskP+Dj+Af9kcWXEO/DKSHTNwCgY+
a0jGph9Fs9MDWxV8xncFjFSn/uEa/j6rb1MednpTJdpXHniwrOgB1/9v3dKKd+QK
/5sDYq7hR8StgWYobMmCadh+rp9w4Kdnc7lwTPOVC/FtzBZoHGW66KD5kQ4eg93N
1KotxJhZFY6xxh4VqLztlIhC7et1LynR/smNn31HtjRnfmPGUYWKB7wkVQIDAQAB
o4IDKTCCAyUwHQYDVR0OBBYEFEPTRxcTWpFH/mhmyWRL5HDzfre6MB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvUTlOSEZ4TmFrVWYtYUdiSlpFdmtjUE4tdDdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBPQYIKwYBBQUHAQcBAf8EggEsMIIBKDCCARQEAgABMIIB
DAMEAFBa+gMEAFY+SwMEAFY+TwMEAFY+VAMEAFY+XAMEAFY+XgMEAFY+YAMEAVY+
YgMEAVY+ZgMEAFY+bgMEA1Y+cAMEAFY+fQMEAMM2zzAMAwQAwzbRAwQCwzbQAwQA
w1uFAwQAw1uKAwQDw1uQAwQAw1uZAwQAw1ucAwQAw1ugMAwDBADDW6UDBADDW6YD
BAPDW6gwDAMEAcNbsgMEAMNbtgMEAMNbuDAMAwQAw1u7AwQAw1u8MAwDBADDW78D
BADDW8AwDAMEAMNbwwMEAcNbxAMEAMNbzDAMAwQAw1vPAwQCw1vQAwQAw1vVAwQA
w1vXMAwDBADDW9kDBAPDW/ADBADDW/wDBAHDW/4wDgQCAAIwCAMGAioCJpiYMA0G
CSqGSIb3DQEBCwUAA4IBAQBJnYgS01IQi4Ukzkkb48u4OUnEbEhikq4rY/ONGZdS
KbPiAf7/q7sj66AQPUOhCGZspoeaWQFlikzDc8XgVuP3z6kvdB7iNsnHW5K9oQRd
8o5rV+hx/ffJFNN59r91AZQHOuWbvne2tPz0+OpgNjtJ6tpO0GHoFuL12lnDnZUU
wTvCkBupTTO4LUZBfpI9ZA9wFSIpq9BmNAEV+xVPeuRYPDUJM4k2R16OsO8bB57o
rz4VzVvILc4dOGdq45NdN9Cg3cl63ZmWOK3Ny3NPk2u4fv/voPkcx+VwplK9vC5L
M9AEDnDcQ+uQOXUPVAMyto0mIn9ajlI4OIamvxsqlGyz
-----END CERTIFICATE-----
Generated at Sat Nov 23 11:58:31 2024 by rpki-client on console-fra.rpki-client.org